3 Backdoors / Trapdoors Secret entry point to program Allows bypassing normal security procedure Mainly used by programmers for debugging Example: special password, event sequence Threat if used to get unauthorized access Difficult to counter Focus on program development security Logic Bombs Coded embedded into some legit program Set to explode when certain conditions met Examples presence of certain files particular day of the week, month, year particular user

4 Trojan Horses Apparently useful program Contain hidden harmful code Will take privilege of user running it Can be implanted in a compiler All compiled applications will be infected Example backdoor in login application delete files in the background Zombie Program secretly planted in net computer Using virus or Trojan When activated, computer perform attacks Difficult to trace back to its creator Planted into hundreds of computers Used in DoS attacks

Chapter 21 Viruses and other Malicious Software Malicious Software Malicious software can be divided into two categories: 1. Need a host program, referred to that cannot exist independently of some actual

Cryptography and Network Security Chapter 21 Fifth Edition by William Stallings Chapter 21 Malicious Software What is the concept of defense: The parrying of a blow. What is its characteristic feature:

9 Malicious Software Viruses and Other Malicious Content computer viruses have got a lot of publicity one of a family of malicious software effects usually obvious have figured in news reports, fiction,

2 Denial of Service Attacks : IT Security Sirindhorn International Institute of Technology Thammasat University Prepared by Steven Gordon on 13 August 2013 its335y13s2l06, Steve/Courses/2013/s2/its335/lectures/malicious.tex,

Seminar Computer Security DoS/DDoS attacks and botnets Hannes Korte Overview Introduction What is a Denial of Service attack? The distributed version The attacker's motivation Basics Bots and botnets Example

system so that an unauthorized individual can take over an authorized session, or to disrupt service to authorized users. From a high-level standpoint, attacks on computer systems and networks can be grouped

HAVE YOU EVER BEEN HACKED? 90% of companies have been hacked 70% of attacks go undetected 60% of all small/med size businesses go out of business within 6 months of a data security breach 32% of computers

: Malicious Software Insider Attacks An insider attack is a security hole in a software system created by one of its programmers. Insider Attacks An insider attack is a security hole in a software system

Firewalls and Intrusion Detection What is a Firewall? A computer system between the internal network and the rest of the Internet A single computer or a set of computers that cooperate to perform the firewall

Denial of Service Attacks, What They are and How to Combat Them John P. Pironti, CISSP Genuity, Inc. Principal Enterprise Solutions Architect Principal Security Consultant Version 1.0 November 12, 2001

Classical Network Security Attacks Dr. Natarajan Meghanathan Professor of Computer Science Jackson State University E-mail: natarajan.meghanathan@jsums.edu Port Scanning Port scan: is a program that when

SECURITY TERMS: Advisory - A formal notice to the public on the nature of security vulnerability. When security researchers discover vulnerabilities in software, they usually notify the affected vendor

E-BUSINESS THREATS AND SOLUTIONS E-BUSINESS THREATS AND SOLUTIONS E-business has forever revolutionized the way business is done. Retail has now a long way from the days of physical transactions that were

CSE 3482 Introduction to Computer Security Denial of Service (DoS) Attacks Instructor: N. Vlajic, Winter 2015 Learning Objectives Upon completion of this material, you should be able to: Explain the basic

CSC 170 - Introduction to Computers and Their Applications Lecture 9 Digital Security Encryption Encryption transforms a message or data file in such a way that its contents are hidden from unauthorized

MIS5206 Week 13 Your Name Date 1. When conducting a penetration test of an organization's internal network, which of the following approaches would BEST enable the conductor of the test to remain undetected

MALWARE MALWARE Malware is short for "malicious software. Malware is any kind of unwanted software that is installed without your adequate consent Example: virus, worms, and Trojan horses that are often

Denial Of Service The goal of a denial of service attack is to deny legitimate users access to a particular resource. An incident is considered an attack if a malicious user intentionally disrupts service

1- A (firewall) is a computer program that permits a user on the internal network to access the internet but severely restricts transmissions from the outside 2- A (system failure) is the prolonged malfunction

Denial-of-Service (DoS) CS 161: Computer Security Prof. David Wagner March 5, 2013 Attacks on Availability Denial-of-Service (DoS): preventing legitimate users from using a computing service We do though

Intrusion Detection One of the publicized threats to security is the intruder, generally referred to as a hacker or cracker. 1 An analysis of intrusion attacks revealed that there were two levels of hackers.

Firewalls, Tunnels, and Network Intrusion Detection 1 Firewalls A firewall is an integrated collection of security measures designed to prevent unauthorized electronic access to a networked computer system.

Course: Introduction to Cyber Security Duration: 5 Day Hands-On Lab & Lecture Course Price: $ 3,495.00 Description: In 2014 the world has continued to watch as breach after breach results in millions of

Firewalls, Tunnels, and Network Intrusion Detection 1 Part 1: Firewall as a Technique to create a virtual security wall separating your organization from the wild west of the public internet 2 1 Firewalls

Announcements No question session this week Stretch break DoS attacks In Feb. 2000, Yahoo s router kept crashing - Engineers had problems with it before, but this was worse - Turned out they were being

ANTIVIRUS BEST PRACTICES Antivirus Best Practices 1. Introduction This guideline covers the basics on Antivirus Software and its best practices. It will help to have an overall understanding of the subject

Denial of service attacks: what you need to know Contents Introduction... 2 What is DOS and how does it work?... 2 DDOS... 4 Why are they used?... 5 Take action... 6 Firewalls, antivirus and updates...

Lectures 9 Advanced Operating Systems Fundamental Security Computer Systems Administration TE2003 Lecture overview At the end of lecture 9 students can identify, describe and discuss: Main factors while

Available online at www.ijiere.com International Journal of Innovative and Emerging Research in Engineering e-issn: 2394-3343 p-issn: 2394-5494 Survey on DDoS in Cloud Environment Kirtesh Agrawal and Nikita

What are Viruses, Trojans, Worms & Spyware: There are many different types of computer viruses circulating in the cyber world, including regular Computer Viruses, Worms, Trojans, and Spyware. Each is different

Dos & DDoS Attack Signatures (note supplied by Steve Tonkovich of CAPTUS NETWORKS) Signature based IDS systems use these fingerprints to verify that an attack is taking place. The problem with this method